how it protects user data, absence of stored data encryption, and potential
security risks involved with its use."

TechCrunch has more commentary, but no more information.

** *** ***** ******* *********** *************
The Age of Integrity

[2025.06.27] We need to talk about data integrity.

Narrowly, the term refers to ensuring that data isn't tampered with, either in
transit or in storage. Manipulating account balances in bank databases, removing
entries from criminal records, and murder by removing notations about allergies
from medical records are all integrity attacks.

More broadly, integrity refers to ensuring that data is correct and accurate
from the point it is collected, through all the ways it is used, modified,
transformed, and eventually deleted. Integrity-related incidents include
malicious actions, but also inadvertent mistakes.

We tend not to think of them this way, but we have many primitive integrity
measures built into our computer systems. The reboot process, which returns a
computer to a known good state, is an integrity measure. The undo button is
another integrity measure. Any of our systems that detect hard drive errors,
file corruption, or dropped internet packets are integrity measures.

Just as a website leaving personal data exposed even if no one accessed it
counts as a privacy breach, a system that fails to guarantee the accuracy of its
data counts as an integrity breach -- even if no one deliberately manipulated
that data.

Integrity has always been important, but as we start using massive amounts of
data to both train and operate AI systems, data integrity will become more
critical than ever.

Most of the attacks against AI systems are integrity attacks. Affixing small
stickers on road signs to fool AI driving systems is an integrity violation.
Prompt injection attacks are another integrity violation. In both cases, the AI
model can't distinguish between legitimate data and malicious input: visual in
the first case, text instructions in the second. Even worse, the AI model can't
distinguish between legitimate data and malicious commands.

Any attacks that manipulate the training data, the model, the input, the output,
or the feedback from the interaction back into the model is an integrity
violation. If you're building an AI system, integrity is your biggest security
problem. And it's one we're going to need to think about, talk about, and figure
out how to solve.

Web 3.0 -- the distributed, decentralized, intelligent web of tomorrow -- is all
about data integrity. It's not just AI. Verifiable, trustworthy, accurate data
and computation are necessary parts of cloud computing, peer-to-peer social
networking, and distributed data storage. Imagine a world of driverless cars,
where the cars communicate with each other about their intentions and road
conditions. That doesn't work without integrity. And neither does a smart power
grid, or reliable mesh networking. There are no trustworthy AI agents without
integrity.

We're going to have to solve a small language problem first, though.
Confidentiality is to confidential, and availability is to available, as
integrity is to what? The analogous word is "integrous," but that's such an
obscure word that it's not in the Merriam-Webster dictionary, even in its
unabridged version. I propose that we re-popularize the word, starting here.

We need research into integrous system design.

We need research into a series of hard problems that encompass both data and
computational integrity. How do we test and measure integrity? How do we build
verifiable sensors with auditable system outputs? How to we build integrous data
processing units? How do we recover from an integrity breach? These are just a
few of the questions we will need to answer once we start poking around at
integrity.

There are deep questions here, deep as the internet. Back in the 1960s, the
internet was designed to answer a basic security question: Can we build an
available network in a world of availability failures? More recently, we turned
to the question of privacy: Can we build a confidential network in a world of
confidentiality failures? I propose that the current version of this question
needs to be this: Can we build an integrous network in a world of integrity
failures? Like the two version of this question that came before: the answer
isn't obviously "yes," but it's not obviously "no," either.

Let's start thinking about integrous system design. And let's start using the
word in conversation. The more we use it, the less weird it will sound. And, who
knows, maybe someday the American Dialect Society will choose it as the word of
the year.

This essay was originally published in IEEE Security & Privacy.

** *** ***** ******* *********** *************
How Cybersecurity Fears Affect Confidence in Voting Systems

[2025.06.30] American democracy runs on trust, and that trust is cracking.

Nearly half of Americans, both Democrats and Republicans, question whether
elections are conducted fairly. Some voters accept election results only when
their side wins. The problem isn't just political polarization -- it's a
creeping erosion of trust in the machinery of democracy itself.

Commentators blame ideological tribalism, misinformation campaigns and partisan
echo chambers for this crisis of trust. But these explanations miss a critical
piece of the puzzle: a growing unease with the digital infrastructure that now
underpins nearly every aspect of how Americans vote.

The digital transformation of American elections has been swift and sweeping.
Just two decades ago, most people voted using mechanical levers or punch cards.
Today, over 95% of ballots are counted electronically. Digital systems have
replaced poll books, taken over voter identity verification processes and are
integrated into registration, counting, auditing and voting systems.

This technological leap has made voting more accessible and efficient, and
sometimes more secure. But these new systems are also more complex. And that
complexity plays into the hands of those looking to undermine democracy.

In recent years, authoritarian regimes have refined a chillingly effective
strategy to chip away at Americans' faith in democracy by relentlessly sowing
doubt about the tools U.S. states use to conduct elections. It's a sustained
campaign to fracture civic faith and make Americans believe that democracy is
rigged, especially when their side loses.

This is not cyberwar in the traditional sense. There's no evidence that anyone
has managed to break into voting machines and alter votes. But cyberattacks on
election systems don't need to succeed to have an effect. Even a single failed
intrusion, magnified by sensational headlines and political echo chambers, is
enough to shake public trust. By feeding into existing anxiety about the
complexity and opacity of digital systems, adversaries create fertile ground for
disinformation and conspiracy theories. Testing cyber fears

To test this dynamic, we launched a study to uncover precisely how cyberattacks
corroded trust in the vote during the 2024 U.S. presidential race. We surveyed
more than 3,

--- BBBS/LiR v4.10 Toy-7
 * Origin: TCOB1: https/binkd/telnet binkd.rima.ie (618:500/1)